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REAL PARTY IN INTEREST 
The real party in interest is the assignee Intel Corporation. 
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RELATED APPEAL ANn PQEB£ESEN££g 

None, 
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STATUS OF CLAIMS 

Claims 1-2 (Rejected). 
Claim 3 (Canceled). 
Claims 4-6 (Rejected). 
Claim 7 (Canceled). 
Claims 8-9 (Rejected). 
Claims 10-11 (Withdrawn). 
Claims 12-18 (Rejected). 
Claims 19-21 (Withdrawn). 
Claims 22-23 (Rejected). 
Claim 24 (Canceled). 
Claims 25-26 (Withdrawn). 
Claims 27-29 (Canceled). 
Claims 30-31 (Withdrawn). 
Claims 32-39 (Canceled). 

Claims 1-2, 4-6, 8-9, 12-18, and 22-23 are rejected and are the subject of this Appeal 
Brief. 
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STATUS OF AMENDMENTS 
All amendments have been entered. 
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SUMMARY OF CLATMF.n ?T T BJECT MATTER 
In the following discussion, the independent claim is read on one of many 
possible embodiments without limiting the claim. 

I. A processor comprising 
memory (Fig. 3, 360); 

decode logic (Fig. 3, 340) to receive a launch instruction; and 
one or more execution units (Fig. 3, 370) to execute the launch instruction by 
loading an authenticated code module into the memory, locking the memory, retrieving a 
key, authenticating the authenticated code module stored in the memory using the key, 
and initiate execution of the authenticated code module stored in the memory. 

At this point, no issue has been raised that would suggest that the words in the 
claims have any meanings other than their ordinaiy meanings. Nothing in this section 
should be taken as an indication that any claim term has a meaning other than its ordinary 
meaning. 
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GROUNDS OF RFTRCTION Tn nn reviewed n N ^ P pp u 
A. Whether claim 1 is unpatentable over U.S. Patent No. 6,65 1,1 71 ("England") in 
view of U.S. Patent No. 6,704,872 ("Okada"). 
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ARGUMENT 

A. Is claim 1 unpatentable over England in view of Okada? 



It is respectfully argued that the combination of England and Okada is improper. 
The examiner argues that the motivation to apply Okada to England is to provide a 
processor with a function to prevent the illegal execution of a program, which is an object 
of Okada (see column 3, lines 34 to 38). This object, therefore, is allegedly fulfilled by 
the disclosure of Okada. Therefore, the authentication operation of Okada is to limit the 
right to use a specific software program to a single processor (i.e., to authenticate the 
processor). In contrast, England has an entirely different object, which is to hide the 
execution of curtained code from the normal operation of a system (see column 3, lines 
36-44), and the authentication operation of England is to authenticate programs (see 
column 3, lines 60-64). Combining Okada and England would do nothing to help Okada 
prevent the illegal execution of a program or to help England hide the execution of 
curtained code from the normal operation of a system. Therefore, there is no motivation 
to combine Okada and England. 

More specifically, the examiner argues that England describes loading an 
authenticated code module into memory and locking the memory. Locking the memory, 
according to England, is disabling all accesses to memory apart from those initiated by 
the processor executing authorized code (see column 1 1 , lines 40-43). There would be no 
reason to do this in connection with preventing the illegal execution of a program by a 
processor. The program would be accessible for execution by the processor, legally or 
illegally. England is clearly not related to preventing the illegal execution of a program. 
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Therefore, the combination of Okada and England is improper and withdrawal of 
the rejections based on their combination is respectfully requested. 



* « * 

Applicant respectfully requests that each of the final rejections be reversed and 
that the claims subject to this Appeal be allowed to issue. Please charge any necessary 
fees, including extension fees, to our Deposit Account No. 50-0221. 

Respectfully submitted, 



Date: January 28, 201 p 



Thomas R. Lane 
Registration No. 42,781 
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gLAfMS APPENDIX 

The claims on appeal are: 

1. A processor comprising 
memory; 

decode logic to receive a launch instruction; and 

one or more execution units to execute the launch instruction by loading an 
authenticated code module into the memory, locking the memory, retrieving a key, 
authenticating the authenticated code module stored in the memory using the key, and 
initiate execution of the authenticated code module stored in the memory. 

2. The processor of claim 1 further comprising a cache memory that provides the 
memory. 

4. The processor of claim 2 wherein the execution units lock the cache memory 
to prevent replacement of lines of the authenticated code module stored in the cache 
memory. 

5. The processor of claim 1 wherein the execution units lock the memory to 
prevent other processors from altering the authenticated code module stored in the 
memory. 
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6. The processor of claim 1 wherein the decode logic is also to generate one or 
more opcodes for the launch instruction, wherein the execution units authenticate and 
execute the authenticated code module in response to executing the one or more opcodes. 

8. The processor of claim 1 , wherein the execution units retrieve the key 
specified by one or more operands of the launch instruction* 

9. The processor of claim 1, wherein the execution units, in response to the 
launch instruction, retrieve the key from a chipset. 

12, The processor of claim 1, wherein the execution units, in response to the 
launch instruction, decrypt at least a portion of the authentication module stored in the 
memory. 

13. The processor of claim 1 , wherein the execution units, in response to the 
launch instruction, decrypt at least a portion of the authentication module to obtain a 
digest value, and determine whether the authentication module is authentic based upon 
the digest value. 
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14. The processor of claim 1, wherein the execution units, in response to the 
launch instruction, obtain a digest value for the authentication code module, generate a 
computed digest value from at least a portion of the authenticated code module, and 
determine that the authenticated code module is authentic in response to the digest value 
and the computed digest value having a predetermined relationship. 

1 5. The processor of claim 1 , wherein the execution units, in response to the 
launch instruction, RSA-decrypt a signature of the authentication code module to obtain a 
digest value from the signature, perform a SHA-1 hash on the authenticated code module 
to generate a computed digest value, and determine that the authenticated code module is 
authentic in response to the digest value and the computed digest value being equal. 

1 6. The processor of claim 1 , wherein the execution units initiate execution of the 
authenticated code module only if the authenticated code module is determined to be 
authentic. 

1 7. The processor of claim 16, wherein the execution units generate an error code 
in response to determining that the authenticated code module is not authentic. 

18. The processor of claim 1 7, wherein the execution units generate a trap in 
response to determining that the authenticated code module is not authentic. 
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22. The processor of claim 1, wherein the execution units authenticate and 
initiate execution of the authenticated code module stored in the memory in response to 
executing microcode associated with the launch AC instruction. 

23. The processor of claim 1 , embodied in a machine readable medium. 
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KVmKNCR APPENDIX 

None. 
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RELATED PROCEEDINGS APPRNDHf 

None. 
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1- (Original) An apparatus comprising: 

a first configuration address storage location to store a first pointer to a first 

memory region to which transactions to configure a first plurality of devices 

in a partitioned system are addressed; 
an access map storage location to store one of an access map and a pointer to an 

access map; and 

addressing logic to use the access map to determine whether a configuration 
transaction from a partition to a first device in the first plurality of devices is 
to be allowed. 

2. (Original) The apparatus of claim 1, further comprising a second configuration 
address storage location to store to store a second pointer to a second memory region 
to which transactions to configure a second plurality of devices in the partitioned 
system are addressed. 

3. (Original) The apparatus of claim 1, wherein the addressing logic includes partition 
identification logic to generate a partition identifier based on the address provided by 
the configuration transaction. 

4. (Original) The apparatus of claim 3, wherein the addressing logic includes look-up 
logic to look-up an entry for the first device in the access map. 
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5. (Original) The apparatus of claim 3, wherein the addressing logic includes look-up 
logic to look-up an entry for the first device in the access map, based on a device 
identifier provided by the configuration transaction. 

6. (Original) The apparatus of claim 4, wherein the look-up logic is also to look-up a 
sub-entry for the partition in the entry, to determine whether the configuration 
transaction is to be allowed. 

7. (Original) The apparatus of claim 4, wherein the look-up logic is also to look-up a 
sub-entry for the partition in the entry, and to determine whether the configuration 
transaction is to be allowed, based on the partition identifier provided by the partition 
identification logic. 

8. (Withdrawn) A method comprising: 

receiving a request from a processor to access the configuration space of a device 
in a partitioned system, the partitioned system including a plurality of 
partitions; 

determining a partition identifier for the request; and 

determining whether the device is assigned to the one partition, of the plurality of 
partitions, corresponding to the partition identifier using an access map. 

9. (Withdrawn) The method of claim 8, wherein determining a partition identifier 
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includes determining the partition identifier based on the address provided by the 
request. 

10. (Withdrawn) The method of claim 9, wherein determining the partition identifier 
based on the address provided by the request includes determining to which of a 
plurality of memory mapped configuration spaces the address belongs. 

11. (Withdrawn) The method of claim 8, wherein determining whether the device is 
assigned to the one partition of the plurality of partitions includes looking up an entry 
for the device in an access map. 

12. (Withdrawn) The method of claim 1 1, wherein looking up the entry for the device 
includes using a device identifier from the request to find the entry. 

13. (Withdrawn) The method of claim 12, wherein determining whether the device is 
assigned to the one partition of the plurality of partitions includes looking up a sub- 
entry in the entry, where the sub-entry indicates whether the device is assigned to the 
QM partition. 

14. (Withdrawn) The method of claim 13, wherein determining whether the device is 
assigned to the one partition of the plurality of partitions is based on the partition 
identifier. 
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15. (Original) A system comprising; 
a first partition including: 
a first device, and 

a first portion of a memory to which transactions to configure the first 
device are addressed; and 
a second partition including: 
a second device, and 

a second portion of the memory to which transactions to configure the 
second device are addressed; 
a storage location to store one of an access map and a pointer to an access map; 
and 

addressing logic to determine whether a device configuration transaction from a 
processor is to be allowed, based on the access map. 

16. (Original) The system of claim 15, wherein the addressing logic includes partition 
identification logic to generate a partition identifier based on the address provided by 
the device configuration transaction. 

17. (Original) The system of claim 16, wherein the addressing logic includes look-up 
logic to look-up an entry for the device configuration transaction in the access map, 

18. (Original) The system of claim 16, wherein the addressing logic includes look-up 
logic to look-up an entry for the device configuration transaction in the access map, 
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based on a device identifier provided by the configuration transaction. 

19. (Original) The system of claim 17, wherein the look-up logic is also to look-up a 
sub-entry for the partition in the entry, to determine whether the device configuration 
transaction is to be allowed. 

20. (Original) The system of claim 17, wherein the look-up logic is also to look-up a 
sub-entry for the partition in the entry, and to determine whether the device 
configuration transaction is to be allowed, based on the partition identifier provided 
by the partition identification logic. 
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ELECTION 

In response to the restriction requirement, invention group I is elected. Claims 
1-7 and 15-20 encompass the elected invention. Accordingly, claims 8-14 have been 
withdraw. Please charge any necessary fees, including extension fees, to our Deposit 
Account No. 50-0221. 



Respectfully submitted, 



Date: January 28. 2010 " \ 



Thomas R, Lane 
Registration No. 42,781 
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